Data Security Lead

Arup

Data Security Lead Overview

Company Name Arup
Job Role Data Security Lead
Qualifications Not Specified
Category IT Jobs
Job Type Full Time
Location Multiple Locations

Arup is looking for a Data Security Service Lead to create and lead a new data security capability within its Digital Technology organisation. The role sits within the Cyber Resilience team, alongside specialists in identity and access management, security engineering, privileged access management, and related cyber functions. That wider team works with Security Operations and Governance, Risk and Compliance to help safeguard Arup’s platforms, information, and data.

This is a leadership role with both strategic and operational responsibility. The successful candidate will establish the new data security service from the ground up, define what the service is meant to achieve, decide how it will operate, and set the measures that will show whether it is succeeding. The role also carries single-point accountability for data security outcomes across the business, with responsibility for turning a data security plan into ongoing delivery that is embedded in day-to-day operations.

What you will do

  • Set up and lead Arup’s new data security service, including its overall vision, delivery roadmap, operating model, and success measures.
  • Translate the data security plan into a clear, prioritised, multi-year programme of work.
  • Cover the full range of core data security controls and capabilities, including governance, data classification, data loss prevention, encryption, monitoring, and resilience.
  • Take ownership of data security outcomes across the organisation and ensure the service is delivered in a sustained and operationally effective way.
  • Build the team needed to support the service and establish the governance structure that will guide it.
  • Work closely with peers across cyber security to make sure data protection is built into how Arup operates and delivers work.
  • Partner with senior stakeholders and technical teams to turn strategy into practical action.
  • Help set priorities, provide advice on difficult data risk issues, track progress, and drive continuous improvement in how data is protected across its lifecycle.
  • Combine strategic leadership with hands-on delivery so the service is not only well designed but also successfully implemented.

What Arup is looking for

  • Deep specialist knowledge of data security, especially in the areas of classification, data loss prevention, encryption, and lifecycle protection of information.
  • Strong familiarity with security standards and frameworks such as ISO/IEC 27001, NIST CSF, and CIS Controls.
  • Evidence of leading or owning a security service or capability at enterprise or global scale.
  • The ability to operate comfortably at both strategic and operational levels and to turn plans into long-term delivery.
  • Excellent stakeholder management skills, including the ability to influence senior leaders and technical experts.
  • Experience handling complex data security or risk matters and shaping workable responses.
  • Confidence in defining governance, setting direction, and delivering measurable outcomes for a security function.

What Arup offers

Arup says it provides a reward package designed to recognise contribution and support members’ success. Alongside competitive pay, the organisation offers a career environment where people can belong, develop, and thrive, supported by wellbeing-focused benefits, learning opportunities, and the chance to make a meaningful impact through their work.

As a member-owned organisation, Arup is owned in trust for its members, which gives it the freedom to choose work aligned with its purpose and values. Members collaborate on ambitious projects that aim to deliver strong outcomes for clients and communities. Profit share is an important part of the reward package, allowing members to share in the results of the firm’s collective performance.

  • Global profit share scheme, with payments dependent on the firm’s financial performance.
  • Private medical insurance.
  • Life assurance.
  • Accident insurance.
  • Income protection cover.
  • Flexible benefits to support wellbeing and personal or family needs.
  • Access to learning opportunities and development support.

Culture, inclusion, and application support

Arup describes itself as an equal opportunity employer with an active commitment to diversity and inclusion. Applications are welcomed from people of all backgrounds, including differences in age within legal limits, gender identity or expression, marital status, disability, neurotype or mental health, race or ethnicity, faith or belief, sexual orientation, socioeconomic background, and pregnancy or family leave status.

The organisation says it values diverse experiences, perspectives, and ideas, and that this helps drive excellence. It also highlights internal employee networks that support inclusion across race and cross-cultural working, gender equity, LGBTQ+ inclusion, and disability inclusion.

Arup states that it is committed to making recruitment and the workplace accessible. Candidates who need assistance or reasonable adjustments during the application or interview process, or to carry out the essential duties of the role, are encouraged to let the company know so support can be arranged.

Applicants are directed to the careers page for information about the next steps in the recruitment process. Arup also warns candidates to stay alert to fraud and notes that it will never ask for payment or bank details as part of recruitment.

Location information

The role is listed with Cardiff as the primary location and also shows additional possible locations in Madrid, Leeds, Krakow, Birmingham, Bristol, and London. The posting does not state a specific working pattern such as remote, hybrid, or fully onsite.


Degree Requirement: Not Specified

Visa Sponsorship May be

To apply for this job please visit jobs.arup.com.

admin
the authoradmin